Notice of Privacy Practices

Updated Jul 2, 2024

Oat Meds LLC

THIS NOTICE DETAILS HOW YOUR MEDICAL INFORMATION MAY BE USED AND DISCLOSED AND HOW YOU MAY REQUEST ACCESS TO THIS INFORMATION. PLEASE REVIEW THIS NOTICE CAREFULLY.

This Notice of Privacy Practices (the “Notice”) explains how Oat Meds LLC (“we” or “our”) may use and share your protected health information for treatment, payment, business operations, and other purposes allowed or required by law. Although we are not classified as a “Covered Entity” under the Health Insurance Portability and Accountability Act (“HIPAA”), we have chosen to voluntarily adhere to applicable HIPAA standards. “Protected health information” or “PHI” refers to information that can identify you, including demographic data, and relates to your past, present, or future physical health, medical treatments, or payment for healthcare services. This Notice also outlines your rights to access and control your protected health information. We are required by law to maintain the privacy of your protected health information and to provide you with this Notice of our legal duties and privacy practices with respect to your protected health information.

Uses and disclosures of protected health information

Your protected health information may be used and disclosed by our healthcare providers, our staff, and others outside of our office that are involved in your care and treatment for the purpose of providing healthcare services to you, to support our business operations, to obtain payment for your treatment, and any other use authorized or required by law.

Treatment

We will use and disclose your protected health information to provide, coordinate, or manage your healthcare and any related services. This includes the coordination or management of your healthcare with a third party partner. For example, your protected health information may be provided to a healthcare provider to whom you have been referred to ensure the necessary information is accessible to diagnose or treat you.

Payment

Your protected health information may be used to bill or obtain payment for your healthcare services. This may include certain activities that your health insurance plan may undertake before it approves or pays for your services, such as: making a determination of eligibility or coverage for insurance benefits and reviewing services provided to you for medical necessity.

Healthcare operations

We may use or disclose, as needed, your protected health information in order to support the business activities of Oat Meds LLC. These activities include, but are not limited to, improving quality of care, providing information about treatment alternatives or other health related benefits and services, development or maintaining and supporting computer systems, legal services, and conducting audits and compliance programs, including fraud, waste, and abuse investigations.

Uses and disclosures that do not require your authorization

We may use or disclose your protected health information in the following situations without your authorization. These situations include the following uses and disclosures:

  • as required by law
  • for public health purposes
  • for healthcare oversight purposes
  • for abuse or neglect reporting
  • pursuant to Food and Drug Administration requirements
  • in connection with legal proceedings
  • for law enforcement purposes
  • to coroners, funeral directors and organ donation agencies
  • for certain research purposes
  • for certain criminal activities
  • for certain military activity and national security purposes
  • for workers' compensation reporting
  • relating to certain inmate reporting
  • other required uses and disclosures

Under the law, we must make certain disclosures to you upon your request, and when required by the Secretary of the Department of Health and Human Services to investigate or determine our compliance with the requirements of the Health Insurance Portability and Accountability Act (HIPAA). State laws may further restrict these disclosures.

Usages and disclosures that require your authorization

Other permitted and required uses and disclosures will be made only with your consent, authorization or opportunity to object unless permitted or required by law. Without your authorization, we are expressly prohibited from using or disclosing your protected health information for marketing purposes. We may not sell your protected health information without your authorization. Your protected health information will not be used for fundraising. If you provide us with an authorization for certain uses and disclosures of your information, you may revoke such authorization, at any time, in writing, except to the extent that we have taken an action in reliance on the use or disclosure indicated in the authorization.

Your rights relating to your protected health information

  • You have the right to inspect and copy your protected health information.
  • You may request access to or an amendment of your protected health information.
  • You have the right to request a restriction on the use or disclosure of your protected health/personal information.
  • Your request must be in writing and state the specific restriction requested and to whom you want the restriction to apply. We are not required to agree to a restriction that you may request, except if the requested restriction is on a disclosure to a health plan for a payment or health care operations purpose regarding a service that has been paid in full out-of-pocket.
  • You have the right to request to receive confidential communications from us by alternative means or at an alternate location. We will comply with all reasonable requests submitted in writing which specify how or where you wish to receive these communications.
  • You have the right to request an amendment of your projected health information. If we deny your request for amendment, you have the right to file a statement of disagreement with us. We may prepare a rebuttal to our statement and we will provide you with a copy of any such rebuttal.
  • You have the right to receive an accounting of certain disclosures of your protected health information that we have made, paper or electronic, except for certain disclosures which were pursuant to an authorization, for purposes of treatment, payment, healthcare operations (unless the information is maintained in an electronic health record); or for certain other purposes.
  • You have the right to obtain a paper copy of this Notice, upon request, even if you have previously requested its receipt electronically by e-mail.

Procedures and safeguards

Oat Meds is committed to protecting the security and confidentiality of your protected health information. We use a combination of reasonable physical, technical, and administrative security controls to maintain the security and integrity of your protected health information, to protect against any anticipated threats or hazards to the security or integrity of such information, and to protect against unauthorized access to or use of such information in Our possession or control that could result in substantial harm or inconvenience to You. However, Internet data transmissions, whether wired or wireless, cannot be guaranteed to be 100% secure. As a result, We cannot ensure the security of information You transmit to Us. By using the Services, You are assuming this risk.

All information is collected by Oat Meds over a Secure Socket Layer (SSL) connection. The information collected by Oat Meds and stored on secure servers, is protected by a combination of technical, administrative, and physical security safeguards, such as authentication, encryption, backups, and access controls. If Oat Meds learns of a security concern, We may attempt to notify You and provide information on protective steps, if available, through the e-mail address that You have provided to Us or the phone number you have provided depending on where You live, You may have a legal right to receive such notices in writing.

You are solely responsible for protecting information entered or generated via the Services that is stored on Your device and/or removable device storage. Oat Meds has no access to or control over Your device’s security settings, and it is up to You to implement any device-level security features and protections You feel are appropriate (e.g., password protection, encryption, remote wipe capability, etc.). We recommend that You take any and all appropriate steps to secure any device that You use to access Our Services.

NOTWITHSTANDING ANY OF THE STEPS TAKEN BY US, IT IS NOT POSSIBLE TO GUARANTEE THE SECURITY OR INTEGRITY OF DATA TRANSMITTED OVER THE INTERNET. THERE IS NO GUARANTEE THAT YOUR PERSONAL DATA WILL NOT BE ACCESSED, DISCLOSED, ALTERED, OR DESTROYED DESPITE THE IMPLEMENTATION OF OUR PHYSICAL, TECHNICAL, OR ADMINISTRATIVE SAFEGUARDS. THEREFORE, WE DO NOT AND CANNOT ENSURE OR WARRANT THE SECURITY OR INTEGRITY OF ANY PERSONAL DATA YOU TRANSMIT TO US AND YOU TRANSMIT SUCH PERSONAL DATA AT YOUR OWN RISK.

Breach of health information

We will notify you if a reportable breach of your unsecured protected health information is discovered. Notification will be made to you no later than 60 days from the breach discovery and will include a brief description of how the breach occurred, the protected health information involved and contact information for you to ask questions.

Revisions to this privacy notice

We reserve the right to revise this Notice and to make the revised Notice effective for protected health information we already have about you as well as any information we may receive in the future. You are entitled to a copy of the Notice currently in effect. Any significant changes to this Notice will be posted on our web site. You then have the right to object or withdraw as provided in this Notice.

Complaints

Complaints about this Notice or how we handle your protected health information should be directed to our HIPAA Privacy Officer. If you are not satisfied with the manner in which a complaint is handled you may submit a formal complaint to the Department of Health and Human Services, Office for Civil Rights by sending a letter to 200 Independence Avenue, S.W., Washington, D.C. 20201, calling 1-877-696-6775, or visiting www.hhs.gov/ocr/privacy/hipaa/complaints/. We will not retaliate against you for filing a complaint.

We must follow the duties and privacy practices described in this Notice. We will ensure the privacy of your protected health information and notify affected individuals in the event of a breach of unsecured protected health information. If you have any questions about this Notice, please contact us at privacy@oatmeds.com and ask to speak with our HIPAA Privacy Officer.